package com.xinjian.jianba.utils;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.http.ProtocolType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import com.aliyuncs.sts.model.v20150401.AssumeRoleRequest;
import com.aliyuncs.sts.model.v20150401.AssumeRoleResponse;

/**
 * STS 服务util.
 *
 */
@Component
public final class STSUtil {
	private static final Logger LOGGER = LoggerFactory.getLogger(SMSUtils.class);
	private static String accessKeyId;
    private static String accessKeySecret;
 // 目前只有"cn-hangzhou"这个region可用, 不要使用填写其他region的值
 	private	static	String region;
 			// 阿里云的sts服务器
 	private	static	String endpoint;
 	        
 	private static  String roleArn;
 	private static  String roleSessionName;
 	
 	public static String backRequestUri="/api/v3/jianba/sts/video/back";
 	
 
 	@Value("${jianba.vod.region}")
	public  void setRegion(String region) {
		STSUtil.region = region;
	}
 	@Value("${jianba.vod.endpoint}")
	public  void setEndpoint(String endpoint) {
		STSUtil.endpoint = endpoint;
	}
 	@Value("${jianba.vod.roleArn}")
	public  void setRoleArn(String roleArn) {
		STSUtil.roleArn = roleArn;
	}
 	@Value("${jianba.vod.roleSessionName}")
	public  void setRoleSessionName(String roleSessionName) {
		STSUtil.roleSessionName = roleSessionName;
	}

	@Value("${jianba.vod.accessKeyId}")
	public  void setAccessKeyId(String accessKeyId) {
		STSUtil.accessKeyId = accessKeyId;
	}

    @Value("${jianba.vod.accessKeySecret}")
	public  void setAccessKeySecret(String accessKeySecret) {
		STSUtil.accessKeySecret = accessKeySecret;
	}


	// TODO 此处需要替换成开发者自己的AK(在阿里云访问控制台寻找)
	public static AssumeRoleResponse getSts() throws ClientException {
			
	        String policy = "{\r\n" + 
	        		"	\"Statement\": [\r\n" + 
	        		"		{\r\n" + 
	        		"			\"Action\": [\r\n" + 
	        		"				\"vod:*\"\r\n" + 
	        		"			],\r\n" + 
	        		"			\"Effect\": \"Allow\",\r\n" + 
	        		"			\"Resource\": [\r\n" + 
	        		"				\"*\"\r\n" + 
	        		"			]\r\n" + 
	        		"		}\r\n" + 
	        		"	],\r\n" + 
	        		"	\"Version\": \"1\"\r\n" + 
	        		"} ";
	        ProtocolType protocolType = ProtocolType.HTTPS;
		try {
			 // Init ACS Client
			DefaultProfile.addEndpoint("", "", "Sts", endpoint);
			IClientProfile profile = DefaultProfile.getProfile("", accessKeyId, accessKeySecret);
            DefaultAcsClient client = new DefaultAcsClient(profile);
            final AssumeRoleRequest request = new AssumeRoleRequest();
            request.setMethod(MethodType.POST);
            request.setProtocol(protocolType);
            request.setRoleArn(roleArn);
            request.setRoleSessionName(roleSessionName);
            request.setPolicy(policy); // Optional
            final AssumeRoleResponse response = client.getAcsResponse(request);
			return response;
		} catch (ClientException e) {
			throw e;
		}
	}
}
